www.removal-removal.com Open in urlscan Pro
185.52.53.247 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.removal-removal.com/cap/cap0l/home/
Submission: On July 26 via automatic, source phishtank (July 26th 2017, 5:43:11 pm UTC)

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 16 HTTP transactions. The main IP is 185.52.53.247, located in Netherlands and belongs to SECUREDSERVERS-, EU. The main domain is www.removal-removal.com.

This is the only time www.removal-removal.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: CapitalOne (Financial)

Domain & IP information

	IP Address		AS Autonomous System
16	185.52.53.247 185.52.53.247		60558 (SECUREDSE...) (SECUREDSERVERS-)
16	1

16 185.52.53.247 (Netherlands)

ASN60558 (SECUREDSERVERS-, EU)
PTR: eu-ams1.websitelayer.com

www.removal-removal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	removal-removal.com www.removal-removal.com	79 KB
16	1

	Domain	Requested by
16	www.removal-removal.com	www.removal-removal.com
16	1

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://www.removal-removal.com/cap/cap0l/home/
Frame ID: 23330.1
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

16
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

79 kB
Transfer

82 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response www.removal-removal.com/cap/cap0l/home/ Redirect Chain http://www.removal-removal.com/cap/cap0l/home http://www.removal-removal.com/cap/cap0l/home/	4 KB 1 KB	13ms 13ms	Document text/html	185.52.53.247 SECUREDSERVERS-
General Check archive.org Show headers Download Go to Full URL http://www.removal-removal.com/cap/cap0l/home/ Protocol HTTP/1.1 Server 185.52.53.247 , Netherlands, ASN60558 (SECUREDSERVERS-, EU), Reverse DNS eu-ams1.websitelayer.com Software LiteSpeed / Resource Hash `40089b0116cd28ce6c57ac1f9bc044d2677de0bd874592bba6456c07d41fc3b8` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Wed, 26 Jul 2017 17:43:00 GMT Content-Encoding gzip Last-Modified Wed, 07 Oct 2015 06:23:02 GMT Server LiteSpeed Vary Accept-Encoding Content-Type text/html Connection Keep-Alive Accept-Ranges bytes Content-Length 1329 Redirect headers Location http://www.removal-removal.com/cap/cap0l/home/ Date Wed, 26 Jul 2017 17:43:00 GMT Server LiteSpeed Connection Keep-Alive Accept-Ranges bytes Content-Length 1147 Content-Type text/html
GET H/1.1	200 OK	header.png www.removal-removal.com/cap/cap0l/home/images/	302 B 302 B	13ms 12ms	Image image/png	185.52.53.247 SECUREDSERVERS-
General Check archive.org Show headers Download Go to Show image Full URL http://www.removal-removal.com/cap/cap0l/home/images/header.png Requested by Host: www.removal-removal.com URL: http://www.removal-removal.com/cap/cap0l/home/ Protocol HTTP/1.1 Server 185.52.53.247 , Netherlands, ASN60558 (SECUREDSERVERS-, EU), Reverse DNS eu-ams1.websitelayer.com Software LiteSpeed / Resource Hash `4b53c31b7d666793ca1a5717d0ef7dbc6b6d4893f6fa845c3376f89a031dff87` Request headers Referer http://www.removal-removal.com/cap/cap0l/home/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Wed, 26 Jul 2017 17:43:00 GMT Last-Modified Sat, 04 Feb 2017 04:41:44 GMT Server LiteSpeed Content-Type image/png Cache-Control public, max-age=604800 Connection Keep-Alive Accept-Ranges bytes Content-Length 302 Expires Wed, 02 Aug 2017 17:43:00 GMT
GET H/1.1	200 OK	2.png www.removal-removal.com/cap/cap0l/home/images/	8 KB 8 KB	41ms 14ms	Image image/png	185.52.53.247 SECUREDSERVERS-
General Check archive.org Show headers Download Go to Show image Full URL http://www.removal-removal.com/cap/cap0l/home/images/2.png Requested by Host: www.removal-removal.com URL: http://www.removal-removal.com/cap/cap0l/home/ Protocol HTTP/1.1 Server 185.52.53.247 , Netherlands, ASN60558 (SECUREDSERVERS-, EU), Reverse DNS eu-ams1.websitelayer.com Software LiteSpeed / Resource Hash `d95d50794d5ec08377f3ea2f0b8eb1c0d8b87402b63f6cc926471edd22f3dd37` Request headers Referer http://www.removal-removal.com/cap/cap0l/home/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Wed, 26 Jul 2017 17:43:00 GMT Last-Modified Tue, 29 Sep 2015 07:23:42 GMT Server LiteSpeed Content-Type image/png Cache-Control public, max-age=604800 Connection Keep-Alive Accept-Ranges bytes Content-Length 8026 Expires Wed, 02 Aug 2017 17:43:00 GMT
GET H/1.1	200 OK	capital.png www.removal-removal.com/cap/cap0l/home/images/	15 KB 15 KB	40ms 13ms	Image image/png	185.52.53.247 SECUREDSERVERS-
General Check archive.org Show headers Download Go to Show image Full URL http://www.removal-removal.com/cap/cap0l/home/images/capital.png Requested by Host: www.removal-removal.com URL: http://www.removal-removal.com/cap/cap0l/home/ Protocol HTTP/1.1 Server 185.52.53.247 , Netherlands, ASN60558 (SECUREDSERVERS-, EU), Reverse DNS eu-ams1.websitelayer.com Software LiteSpeed / Resource Hash `a2622254dbe81f287be45f354273b604dfcb3d53c77283a151f49d77ab335018` Request headers Referer http://www.removal-removal.com/cap/cap0l/home/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Wed, 26 Jul 2017 17:43:00 GMT Last-Modified Sat, 04 Feb 2017 03:15:36 GMT Server LiteSpeed Content-Type image/png Cache-Control public, max-age=604800 Connection Keep-Alive Accept-Ranges bytes Content-Length 15342 Expires Wed, 02 Aug 2017 17:43:00 GMT
GET H/1.1	200 OK	line.png www.removal-removal.com/cap/cap0l/home/images/	317 B 317 B	40ms 13ms	Image image/png	185.52.53.247 SECUREDSERVERS-
General Check archive.org Show headers Download Go to Show image Full URL http://www.removal-removal.com/cap/cap0l/home/images/line.png Requested by Host: www.removal-removal.com URL: http://www.removal-removal.com/cap/cap0l/home/ Protocol HTTP/1.1 Server 185.52.53.247 , Netherlands, ASN60558 (SECUREDSERVERS-, EU), Reverse DNS eu-ams1.websitelayer.com Software LiteSpeed / Resource Hash `e8dd6424869ace2ba893f5fc7d9fb39bb16ae53bdc8c02bc8795193934c44e94` Request headers Referer http://www.removal-removal.com/cap/cap0l/home/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Wed, 26 Jul 2017 17:43:00 GMT Last-Modified Sat, 04 Feb 2017 04:38:18 GMT Server LiteSpeed Content-Type image/png Cache-Control public, max-age=604800 Connection Keep-Alive Accept-Ranges bytes Content-Length 317 Expires Wed, 02 Aug 2017 17:43:00 GMT
GET H/1.1	200 OK	login%201.png www.removal-removal.com/cap/cap0l/home/images/	4 KB 4 KB	52ms 13ms	Image image/png	185.52.53.247 SECUREDSERVERS-
General Check archive.org Show headers Download Go to Show image Full URL http://www.removal-removal.com/cap/cap0l/home/images/login%201.png Requested by Host: www.removal-removal.com URL: http://www.removal-removal.com/cap/cap0l/home/ Protocol HTTP/1.1 Server 185.52.53.247 , Netherlands, ASN60558 (SECUREDSERVERS-, EU), Reverse DNS eu-ams1.websitelayer.com Software LiteSpeed / Resource Hash `e47148e91e7e828c6fe171fb49761d5760c44b687328a643dae255656584f1e3` Request headers Referer http://www.removal-removal.com/cap/cap0l/home/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Wed, 26 Jul 2017 17:43:00 GMT Last-Modified Thu, 01 Oct 2015 09:48:24 GMT Server LiteSpeed Content-Type image/png Cache-Control public, max-age=604800 Connection Keep-Alive Accept-Ranges bytes Content-Length 4345 Expires Wed, 02 Aug 2017 17:43:00 GMT
GET H/1.1	200 OK	linneee.png www.removal-removal.com/cap/cap0l/home/images/	172 B 172 B	53ms 13ms	Image image/png	185.52.53.247 SECUREDSERVERS-
General Check archive.org Show headers Download Go to Show image Full URL http://www.removal-removal.com/cap/cap0l/home/images/linneee.png Requested by Host: www.removal-removal.com URL: http://www.removal-removal.com/cap/cap0l/home/ Protocol HTTP/1.1 Server 185.52.53.247 , Netherlands, ASN60558 (SECUREDSERVERS-, EU), Reverse DNS eu-ams1.websitelayer.com Software LiteSpeed / Resource Hash `ba955e750442a168daa4adb2de107d5ca1d6e53754c7ffcc81e0465399fd1966` Request headers Referer http://www.removal-removal.com/cap/cap0l/home/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Wed, 26 Jul 2017 17:43:00 GMT Last-Modified Tue, 29 Sep 2015 07:30:32 GMT Server LiteSpeed Content-Type image/png Cache-Control public, max-age=604800 Connection Keep-Alive Accept-Ranges bytes Content-Length 172 Expires Wed, 02 Aug 2017 17:43:00 GMT
GET H/1.1	200 OK	login%202.png www.removal-removal.com/cap/cap0l/home/images/	4 KB 4 KB	18ms 12ms	Image image/png	185.52.53.247 SECUREDSERVERS-
General Check archive.org Show headers Download Go to Show image Full URL http://www.removal-removal.com/cap/cap0l/home/images/login%202.png Requested by Host: www.removal-removal.com URL: http://www.removal-removal.com/cap/cap0l/home/ Protocol HTTP/1.1 Server 185.52.53.247 , Netherlands, ASN60558 (SECUREDSERVERS-, EU), Reverse DNS eu-ams1.websitelayer.com Software LiteSpeed / Resource Hash `8a73ed05ab52d34cc72d57e023af77f042bee2f9d0990661b0ec00a2498cb11e` Request headers Referer http://www.removal-removal.com/cap/cap0l/home/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Wed, 26 Jul 2017 17:43:00 GMT Last-Modified Thu, 01 Oct 2015 09:48:38 GMT Server LiteSpeed Content-Type image/png Cache-Control public, max-age=604800 Connection Keep-Alive Accept-Ranges bytes Content-Length 4378 Expires Wed, 02 Aug 2017 17:43:00 GMT
GET H/1.1	200 OK	buttom.png www.removal-removal.com/cap/cap0l/home/images/	3 KB 3 KB	24ms 14ms	Image image/png	185.52.53.247 SECUREDSERVERS-
General Check archive.org Show headers Download Go to Show image Full URL http://www.removal-removal.com/cap/cap0l/home/images/buttom.png Requested by Host: www.removal-removal.com URL: http://www.removal-removal.com/cap/cap0l/home/ Protocol HTTP/1.1 Server 185.52.53.247 , Netherlands, ASN60558 (SECUREDSERVERS-, EU), Reverse DNS eu-ams1.websitelayer.com Software LiteSpeed / Resource Hash `5ae3e1d69f2b7e84cc3958f4fa4eb411343694d90a7458fd0a5284a1f6ae21c0` Request headers Referer http://www.removal-removal.com/cap/cap0l/home/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Wed, 26 Jul 2017 17:43:00 GMT Last-Modified Tue, 29 Sep 2015 07:52:24 GMT Server LiteSpeed Content-Type image/png Cache-Control public, max-age=604800 Connection Keep-Alive Accept-Ranges bytes Content-Length 3420 Expires Wed, 02 Aug 2017 17:43:00 GMT
GET H/1.1	200 OK	open.png www.removal-removal.com/cap/cap0l/home/images/	182 B 182 B	23ms 13ms	Image image/png	185.52.53.247 SECUREDSERVERS-
General Check archive.org Show headers Download Go to Show image Full URL http://www.removal-removal.com/cap/cap0l/home/images/open.png Requested by Host: www.removal-removal.com URL: http://www.removal-removal.com/cap/cap0l/home/ Protocol HTTP/1.1 Server 185.52.53.247 , Netherlands, ASN60558 (SECUREDSERVERS-, EU), Reverse DNS eu-ams1.websitelayer.com Software LiteSpeed / Resource Hash `700f5cc4dcf86f96af5d743d7a1e1bb3b4de4754ff0ee672fb39e580fb8a1510` Request headers Referer http://www.removal-removal.com/cap/cap0l/home/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Wed, 26 Jul 2017 17:43:00 GMT Last-Modified Sat, 04 Feb 2017 03:40:48 GMT Server LiteSpeed Content-Type image/png Cache-Control public, max-age=604800 Connection Keep-Alive Accept-Ranges bytes Content-Length 182 Expires Wed, 02 Aug 2017 17:43:00 GMT
GET H/1.1	200 OK	sign.png www.removal-removal.com/cap/cap0l/home/images/	158 B 158 B	23ms 13ms	Image image/png	185.52.53.247 SECUREDSERVERS-
General Check archive.org Show headers Download Go to Show image Full URL http://www.removal-removal.com/cap/cap0l/home/images/sign.png Requested by Host: www.removal-removal.com URL: http://www.removal-removal.com/cap/cap0l/home/ Protocol HTTP/1.1 Server 185.52.53.247 , Netherlands, ASN60558 (SECUREDSERVERS-, EU), Reverse DNS eu-ams1.websitelayer.com Software LiteSpeed / Resource Hash `36c8d8d796338f9fd7d95a48afbe179180e1f50086926e9c29239189d1a39311` Request headers Referer http://www.removal-removal.com/cap/cap0l/home/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Wed, 26 Jul 2017 17:43:00 GMT Last-Modified Sat, 04 Feb 2017 03:40:24 GMT Server LiteSpeed Content-Type image/png Cache-Control public, max-age=604800 Connection Keep-Alive Accept-Ranges bytes Content-Length 158 Expires Wed, 02 Aug 2017 17:43:00 GMT
GET H/1.1	200 OK	line2.png www.removal-removal.com/cap/cap0l/home/images/	211 B 211 B	24ms 13ms	Image image/png	185.52.53.247 SECUREDSERVERS-
General Check archive.org Show headers Download Go to Show image Full URL http://www.removal-removal.com/cap/cap0l/home/images/line2.png Requested by Host: www.removal-removal.com URL: http://www.removal-removal.com/cap/cap0l/home/ Protocol HTTP/1.1 Server 185.52.53.247 , Netherlands, ASN60558 (SECUREDSERVERS-, EU), Reverse DNS eu-ams1.websitelayer.com Software LiteSpeed / Resource Hash `a5a825c909337f8b6d68e58f14cca47f041161709e82a21f0345651fca3a6665` Request headers Referer http://www.removal-removal.com/cap/cap0l/home/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Wed, 26 Jul 2017 17:43:00 GMT Last-Modified Sat, 04 Feb 2017 03:45:04 GMT Server LiteSpeed Content-Type image/png Cache-Control public, max-age=604800 Connection Keep-Alive Accept-Ranges bytes Content-Length 211 Expires Wed, 02 Aug 2017 17:43:00 GMT
GET H/1.1	200 OK	footer.png www.removal-removal.com/cap/cap0l/home/images/	38 KB 38 KB	30ms 12ms	Image image/png	185.52.53.247 SECUREDSERVERS-
General Check archive.org Show headers Download Go to Show image Full URL http://www.removal-removal.com/cap/cap0l/home/images/footer.png Requested by Host: www.removal-removal.com URL: http://www.removal-removal.com/cap/cap0l/home/ Protocol HTTP/1.1 Server 185.52.53.247 , Netherlands, ASN60558 (SECUREDSERVERS-, EU), Reverse DNS eu-ams1.websitelayer.com Software LiteSpeed / Resource Hash `bcd16fd121193391dac5f49e0fc4eff6ccc2eb956b4a075259f1c976259286f1` Request headers Referer http://www.removal-removal.com/cap/cap0l/home/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Wed, 26 Jul 2017 17:43:00 GMT Last-Modified Sat, 04 Feb 2017 04:17:56 GMT Server LiteSpeed Content-Type image/png Cache-Control public, max-age=604800 Connection Keep-Alive Accept-Ranges bytes Content-Length 38448 Expires Wed, 02 Aug 2017 17:43:00 GMT
GET H/1.1	200 OK	dont.png www.removal-removal.com/cap/cap0l/home/images/	1 KB 1 KB	38ms 14ms	Image image/png	185.52.53.247 SECUREDSERVERS-
General Check archive.org Show headers Download Go to Show image Full URL http://www.removal-removal.com/cap/cap0l/home/images/dont.png Requested by Host: www.removal-removal.com URL: http://www.removal-removal.com/cap/cap0l/home/ Protocol HTTP/1.1 Server 185.52.53.247 , Netherlands, ASN60558 (SECUREDSERVERS-, EU), Reverse DNS eu-ams1.websitelayer.com Software LiteSpeed / Resource Hash `6b86c980170ab761c7a840aa9dd724a211913a423d6cdb997ecac1cb1d0296ac` Request headers Referer http://www.removal-removal.com/cap/cap0l/home/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Wed, 26 Jul 2017 17:43:00 GMT Last-Modified Tue, 29 Sep 2015 07:57:16 GMT Server LiteSpeed Content-Type image/png Cache-Control public, max-age=604800 Connection Keep-Alive Accept-Ranges bytes Content-Length 1256 Expires Wed, 02 Aug 2017 17:43:00 GMT
GET H/1.1	200 OK	for.png www.removal-removal.com/cap/cap0l/home/images/	2 KB 2 KB	36ms 13ms	Image image/png	185.52.53.247 SECUREDSERVERS-
General Check archive.org Show headers Download Go to Show image Full URL http://www.removal-removal.com/cap/cap0l/home/images/for.png Requested by Host: www.removal-removal.com URL: http://www.removal-removal.com/cap/cap0l/home/ Protocol HTTP/1.1 Server 185.52.53.247 , Netherlands, ASN60558 (SECUREDSERVERS-, EU), Reverse DNS eu-ams1.websitelayer.com Software LiteSpeed / Resource Hash `91a0097f1c632aa5fbe9ee7b21c48d8191714c6ccd2d14ff71ceb0a7829cf5be` Request headers Referer http://www.removal-removal.com/cap/cap0l/home/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Wed, 26 Jul 2017 17:43:00 GMT Last-Modified Tue, 29 Sep 2015 07:57:52 GMT Server LiteSpeed Content-Type image/png Cache-Control public, max-age=604800 Connection Keep-Alive Accept-Ranges bytes Content-Length 2268 Expires Wed, 02 Aug 2017 17:43:00 GMT
GET H/1.1	200 OK	pass.png www.removal-removal.com/cap/cap0l/home/images/	777 B 777 B	24ms 14ms	Image image/png	185.52.53.247 SECUREDSERVERS-
General Check archive.org Show headers Download Go to Show image Full URL http://www.removal-removal.com/cap/cap0l/home/images/pass.png Requested by Host: www.removal-removal.com URL: http://www.removal-removal.com/cap/cap0l/home/ Protocol HTTP/1.1 Server 185.52.53.247 , Netherlands, ASN60558 (SECUREDSERVERS-, EU), Reverse DNS eu-ams1.websitelayer.com Software LiteSpeed / Resource Hash `5fe2c6ed2b52f2b4b053b7c5a56bbcb12e42a48b687e778c3ee4fd5512a292f5` Request headers Referer http://www.removal-removal.com/cap/cap0l/home/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Wed, 26 Jul 2017 17:43:00 GMT Last-Modified Tue, 29 Sep 2015 08:21:04 GMT Server LiteSpeed Content-Type image/png Cache-Control public, max-age=604800 Connection Keep-Alive Accept-Ranges bytes Content-Length 777 Expires Wed, 02 Aug 2017 17:43:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: CapitalOne (Financial)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

www.removal-removal.com
185.52.53.247
36c8d8d796338f9fd7d95a48afbe179180e1f50086926e9c29239189d1a39311
40089b0116cd28ce6c57ac1f9bc044d2677de0bd874592bba6456c07d41fc3b8
4b53c31b7d666793ca1a5717d0ef7dbc6b6d4893f6fa845c3376f89a031dff87
5ae3e1d69f2b7e84cc3958f4fa4eb411343694d90a7458fd0a5284a1f6ae21c0
5fe2c6ed2b52f2b4b053b7c5a56bbcb12e42a48b687e778c3ee4fd5512a292f5
6b86c980170ab761c7a840aa9dd724a211913a423d6cdb997ecac1cb1d0296ac
700f5cc4dcf86f96af5d743d7a1e1bb3b4de4754ff0ee672fb39e580fb8a1510
8a73ed05ab52d34cc72d57e023af77f042bee2f9d0990661b0ec00a2498cb11e
91a0097f1c632aa5fbe9ee7b21c48d8191714c6ccd2d14ff71ceb0a7829cf5be
a2622254dbe81f287be45f354273b604dfcb3d53c77283a151f49d77ab335018
a5a825c909337f8b6d68e58f14cca47f041161709e82a21f0345651fca3a6665
ba955e750442a168daa4adb2de107d5ca1d6e53754c7ffcc81e0465399fd1966
bcd16fd121193391dac5f49e0fc4eff6ccc2eb956b4a075259f1c976259286f1
d95d50794d5ec08377f3ea2f0b8eb1c0d8b87402b63f6cc926471edd22f3dd37
e47148e91e7e828c6fe171fb49761d5760c44b687328a643dae255656584f1e3
e8dd6424869ace2ba893f5fc7d9fb39bb16ae53bdc8c02bc8795193934c44e94

www.removal-removal.com Open in urlscan Pro 185.52.53.247 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

16 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

79 kBTransfer

82 kBSize

0 Cookies

0 Outgoing links

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

0 Cookies

Indicators

www.removal-removal.com Open in urlscan Pro
185.52.53.247 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

79 kB
Transfer

82 kB
Size

0
Cookies

16 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!